SYN floods continue
Avi Freedman
freedman at netaxs.com
Wed Sep 11 17:11:03 UTC 1996
> > I don't know, but since nobody else seems to either, how about a
> > router box that detects excessive SYN activity and then automatically
> > blocks that ip address for awhile? I suppose it just means that
> > the attacker has to vary the source address rapidly.
> >
> If they modulate the phasers we just need to modulate the sheilds. :-O
>
> If someone comes up with a good solution we will be glad to impliment it.
> --
> /*Joseph T. Klein * Keep Cool, but Don't Freeze
> * NAP.NET, LLC *
> * phone +1 414 747-8747 * - Hellman's Mayonnaise
> * http://www.nap.net */
Well, it's a good analogy (modulating the phasers).
But they're *randomizing* the phasers...
Avi
More information about the NANOG
mailing list